csci-351 - taejoong (tijay) chung...dnssec 101 13.com example.com 1.2.3.4 rrsig dnskey chain of...
TRANSCRIPT
-
CSCI-351 Data communication and Networks
Lecture 16: PKI + DNSSEC Warning: This may be hard to understand. Do not lose yourself during the class and keep asking questions
-
Project 4 Released
• DNSSEC Client
-
Final Schedule
• 8:00am — 10:30am at December 13th
• Comprehensive
-
Project 3Title
Scor
es
0
0.25
0.5
0.75
1
Category Axis
Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)Score ( 1 == FULL POINT)
Score ( 1 == FULL POINT)
Will send you the feedbacks of Project 2 and 3 by the next class
-
Please
-
Public Key Cryptography
Encryption
Public
Private
Alice
Authentication
Alice
6
-
Public Key Infrastructure
How can I trust this key?
PKIPublic Key Infrastructure (PKI) supports the (1) distribution and (2) identification of public key
….
7
-
Hierarchical Public Key Infrastructure
I only trust this key(s)
Trust Anchor(s)
HierarchicalPKI
Many secure protocols in the Internet rely on hierarchical PKI
Oh. now I trust your keyChain of trust
8
-
Something to plug (1)New course – Spring 2019
• I’ll be teaching a new (Graduate-Level) Seminar Course in the Spring 2019• GCCIS-CSCI-759 Topics In System• Title: Public Key Infrastructure and Network Security
• Security is really important! (who doesn’t say..)
9
-
Again, Signing and verification process
10
Data
Hashed Data(Digest)
Hash function (e.g., SHA256)
Data
Decrypted Digest
Signature(Encrypted Digest)
Signature(Encrypted Digest)
Hashed Data(Digest)
Hash function (e.g., SHA256)
Public
PrivateSender Receiver Public
Same or not?
-
Domain Name System (DNS)
example.com'sAuthoritativeDNS Server
Browser
11
DNS Resolver
example.com example.com
A records*
155.33.17.68
A records
155.33.17.68
*A record: one of the DNS records that contains IP addresses of a domain name
-
DNS Spoofing
example.com'sAuthoritativeDNS Server
Browser
12
DNS Resolver
example.com example.com
A recordsA records
1.2.3.4 155.33.17.68✗1.2.3.4Advertisement or other contents
-
. (root)
DNS Resolverexample.com'sAuthoritativeDNS Server
DNSSEC 101
13
.com
example.com
1.2.3.4 RRSIG
DNSKEY
Chain of Trust
-
. (root)
example.com'sAuthoritativeDNS Server
DNSSEC 101
14
.com
-
= Hash( )4c04a5 … ff0cdd
DNSSEC 101: Hierarchy Builds Trust
15
DS Record
RRSIG
example.com'sAuthoritativeDNS Server
.com
DS Record
-
16
DS Record
example.com'sAuthoritativeDNS Server
.comRRSIG
DNS ResolverDNSKEY
DS Record
DNSKEY
compare!
DNSSEC 101: Hierarchy Builds Trust
-
DNSSEC: Hierarchical PKI
I only trust this key
Root DNSKEY
example.com
17
.com
. (root) DS Record
DS Record
-
Signing and verification process in DNSSEC
18
DNS Records (RRSets)
Hash of DNS Records
Hash function (e.g., SHA256)
DNS Records (RRSets)
Hash of DNS Records
Signature (RRSIG)
Signature (RRSIG)
Hash of DNS Records
Hash function (e.g., SHA256)
Public
PrivateSender Receiver Public
Same or not?
-
Two DNSKEYs
19
example.com'sAuthoritativeDNS Server
A Record
Signature (RRSIG)
= Hash( )4c04a5 … ff0cdd
DS RecordDS Record
.com’sAuthoritativeDNS Server
DS Record
-
Two DNSKEYs
20
A Record
Signature (RRSIG)
.com’sAuthoritativeDNS Server
DS Record
example.com'sAuthoritativeDNS Server
Key Signing Key (KSK)
Zone Signing Key (ZSK)
ZSK
RRSIG of ZSK
= Hash( )4c04a5 … ff0cdd
DS RecordDS Record
-
Two DNSKEYsAre you serious? Why?
21
Frequently used to generate signatures for the DNS
records=> should be loaded on the memory
=> Not secure
Only used to generate the signature of “ZSK”
=> Not heavily used=> Stored in the offline storage
(e.g., HSM)=> More secure!
example.com'sAuthoritativeDNS Server
Key Signing Key (KSK)
Zone Signing Key (ZSK)
-
Revisiting 3 Principles of Information Security
• Confidentiality• Integrity• Availability
22
-
Motivation of this research
23
Even though DNSSEC was introduced 20 years ago!
-
Research Questions
24
If it is not managed well, then why?
How can we improve it?
How well is today’s DNSSEC PKI ecosystem managed?
-
How to Deploy DNSSEC (Correctly)
25
DNSKEY (1) Have DNSKEYs
RRSIGs (2) Generate Signatures
DS record Uploads
(3) Generate and upload DS record to the parent zone
-
Scanning All Domains
26
Daily Scans
TLDs .com, .org., .net
# of domains 147M domains
Interval every day
Period 2015/03/01 ~ 2016/12/31
Over 750 billion DNS Records
-
0
0.2
0.4
0.6
0.8
1
1.2
02/15 05/15 08/15 11/15 02/16 05/16 08/16 11/16
Perc
en
t o
f d
om
ain
s w
ith
DNSKEY
re
co
rd
Date
.com
.net
.org
How DNSSEC is deployed
27
Deployment DNSSEC deployment is rare, but growing
DNSKEY
RRSIGs
DS record Uploads
RRSIGs
~1.0%
-
Generating Signatures
28
~0.3%
Missing RRSIGs RRSIGs are rarely missing (0.3%)
0
0.5
1
1.5
2
2.5
02/15 05/15 08/15 11/15 02/16 05/16 08/16 11/16
missing SOA RRSIGmissing DNSKEY RRSIG
Perc
en
t o
f d
om
ain
sm
issin
g RRSIG
s
.com
.net
.org
~1.0%DNSKEY
RRSIGs
DS record Uploads
RRSIGs
-
Building a Chain of Trust
29
~0.3%
~30%
0
5
10
15
20
25
30
35
02/15 05/15 08/15 11/15 02/16 05/16 08/16 11/16Pe
rce
nt
of
do
ma
ins
mis
sin
gDS
re
co
rd
.com
.net
.org
DS Records
Nearly 30% of domains DO NOTupload DS records!
~1.0%DNSKEY
RRSIGs
DS record Uploads
RRSIGs
Why does DNSSEC deployment remain so small? Why are 30% of domains w/o DS records?
-
Deploying a DNSSEC on Your Server
30
.COM (Verisign)
Registry (TLD)
GoDaddyRegistrar OwnerBuy
example.comDS
RecordDS
Record
I need a domain
-
Third Party DNS Operator
31
Deleg
ate
CloudFlareThird-Party DNS Operator
.COM (Verisign)
GoDaddy
Registry (TLD)
Registrar
Buy
example.com
DS Record
-
Third Party DNS Operator
32
Deleg
ate
CloudFlareThird-Party DNS Operator
.COM (Verisign)
GoDaddy
Registry (TLD)
Registrar
Buy
example.com
-
Reseller
33
Deleg
ate
CloudFlareThird-Party
DNS Operator
.COM (Verisign)
ASCIO
Registry (TLD)
Registrar
Buy
example.comAntagonistReseller
DS Record
-
Checking Registrar’s DNSSEC Policy
34
Registrar DNS Operator
Registrar Supports DNSSEC?
Owner DNS Operator
Registrar Supports
DS upload?
RegistrarValidates
DS record?
-
Popular Registrar’s DNSSEC Policy
35
Registrar(Authoritative Nameserver)
GoDaddy (domaincontrol.com)
NameCheap (registrar-servers.com)
OVH (ovh.net)
HostGator (hostgator.com)
Amazon (aws-dns)
Google (googledomains.com)
123-reg (123-reg.co.uk)
RightSide (name.com)
eNom (name-services.com)
NameBright (namebrightdns.com)
DreamHost (dreamhost.com)
The others (10 registrars)
Registrar DNS
Operator
Some nameservers don’t support DNSSEC
Registrar Supports DNSSEC?
Registrar Supports
DS upload?
RegistrarValidates
DS record?
3/20
-
Anecdotal Examples
36
We saw the DNSKEY deployed (but not DS records) so asked why you don’t upload DS records.
[1] They removed a DNSSEC menu
We asked a registrar to upload a DS record to our domain via web live chat
It was installed on someone else’s domain due to a mistake by the customer service agent
We asked a registrar to upload a DS record by email from the different email address than the one that registered
It was installed successfully
Experiment Result
[2] “Most people do not understand DNS, so imagine the white faces when I mention DNSSEC”
-
Details of the Last Example
37
3:45:32 PM tijay hg-dnssec.com 3600 IN DS 2371 13 2 129f34c04ac58ece5218b9894148304a736a63757f58ff0cddd9b8df4989
3:56:09 PM Jeniffer S I have now save the request information! Manage DNSSEC paananenmusic.com Record added successfully. It can take 4-8 hours for DNS to propagate3:57:19 PM tijay paananenmusic.com?3:57:28 PM tijay my domain is hg-dnssec.com?
3:58:41 PM Jeniffer S I apologize, you are right, silly me, one moment
3:56:05 PM Jeniffer S Awesome! one moment
-
Popular Registrar’s DNSSEC Policy
38
Owner DNS Operator DS Upload
Web Email
————————
Registrar(Authoritative Nameserver)
GoDaddy (domaincontrol.com)
NameCheap (registrar-servers.com)
OVH (ovh.net)
HostGator (hostgator.com)
Amazon (aws-dns)
Google (googledomains.com)
123-reg (123-reg.co.uk)
RightSide (name.com)
eNom (name-services.com)
NameBright (namebrightdns.com)
DreamHost (dreamhost.com)
The others (10 registrars)
Registrar Supports DNSSEC?
Registrar Supports
DS upload?
RegistrarValidates
DS record?
3/20
11/20
-
Popular Registrar’s DNSSEC Policy
39
DS Validation
Registrar(Authoritative Nameserver)
GoDaddy (domaincontrol.com)
NameCheap (registrar-servers.com)
OVH (ovh.net)
HostGator (hostgator.com)
Amazon (aws-dns)
Google (googledomains.com)
123-reg (123-reg.co.uk)
RightSide (name.com)
eNom (name-services.com)
NameBright (namebrightdns.com)
DreamHost (dreamhost.com)
The others (10 registrars)
Owner DNS Operator DS Upload
Web Email
————————
Registrar Supports DNSSEC?
Registrar Supports
DS upload?
RegistrarValidates
DS record?
2/20
3/20
11/20
-
Summary: Registrar’s DNSSEC Support
40
DNS Operator
# of Registrar
Support DNSSEC?
Registrar 3/20
Owner 11/20
What this means to you
If you don’t want to run your own name server, most of the time, you CAN’T deploy DNSSEC (17/20)
If you do want run your own nameserver, still you CAN’T deploy
DNSSEC for 9/20
Check DS Validation Owner 2/11
If you happen to upload an incorrect DS record, your domain will be
inaccessible
Why are DNSSEC support of registrars so rare?
-
Cost of Managements
41
DNS DNSSEC
# of RecordsDNSSEC introduces much more records
(e.g., need signatures for each record)
Size of Records Signatures are usually 3~6 times larger than non-DNSSEC records*
Management -Strong KeyUnique Key
Rollover
Operational Cost
Operational cost of DNSSEC is higher than that of DNS
*DNSSEC and Its Potential for DDoS Attacks (IMC’14)
-
Case Study: Registrar’s Policy
42
Registrar DNS Operator
Owner DNS Operator
Support DNSSEC Pricing
Support DNSSEC Pricing
# of registrars 3Free: 2
11 FreePaid: 1
Registrars manage all DNS records
Registrars DO NOT need to manage DNS records at all
-
Scanning All Domains
43
TLDMeasurement Period
(Daily Scan)
Domains
Total Percent w/ DNSKEY
.com 2015/03/01 ~ 2016/12/31 118,147,199 0.7%
.net 2015/03/01 ~ 2016/12/31 13,773,903 1.0%
.org 2015/03/01 ~ 2016/12/31 9,682,750 1.1%
.nl 2016/02/09 ~ 2016/12/31 5,674,208 51.6%
.se 2016/06/07 ~ 2016/12/31 1,388,372 46.7%
-
0
20
40
60
80
100
05/15 08/15 11/15 02/16 05/16 08/16 11/16
Loopia (*.loopia.se)
Pe
rce
nt
of
do
ma
ins
wit
h DNSKEY
an
d DS
rec
ord
Date
.com
.net
.org.se.nl
0
20
40
60
80
100
KPN (*.is.nl)
.com
.net
.org.se.nl
Case Study: Financial Incentives
44
KPN
Financial Incentive
Financial gain is a huge incentive for deploying DNSSEC
.nl measurement begins here
.se measurement begins here
Loopia
to certain domains
-
DNSSEC Resolvers
45
-
Correct Deploymentfor Resolvers
46
DO Bit (1) DNSSEC OK bit in the header
Validation (2) Validate DNSSEC Records
-
Measuring DNS resolver
47
Comcast Network
DNS Resolver
Authoritative DNS Server
MeasurementNode
Client
Ads
No Control over the nodeNot Reproducible
-
NENS’2016
Hola Unblocker
-
Luminati
49
MeasurementNode
Local DNSResolver
Proxy
Comcast
Residential Authoritative DNS Server
AT&T
Rogers
Deutsche Telekom
Verizon
Control over the nodeReproducible
Scales
Node
-
NENS’2016
Get bostonglobe.com
Measurement ClientSuper ProxyExit Node
Exit Node’s DNS Server
HTTP
DNS
-
Luminati
51
Local DNSResolver
Authoritative DNS ServerNode
MeasurementNode
Comcast
Residential
Control over the nodeReproducible
Scales
-
Methodology
52
Local DNSResolver
Authoritative DNS Server
(Our testbed)
A records
w/ DO bit
RRSIG
A records
+ 8 other scenarios of incorrect DNSSEC records
-
Resolvers w/ DO Bit
53
DO Bit
Validation
- 4,427 resolvers- 83% of them are DO-bit enabled
-
Resolvers w/ DO Bit
54
DO Bit
Validation
- 3,635 (82%) fail to validate DNSSEC records
- 543 (12.2%) correctly validate DNSSEC records
Time Warner Cable InternetRogers Cable Communications
ComcastGoogle
- 4,427 resolvers- 83% of them are DO-bit enabled
-
Open Resolver Tests
55
Provide DO Bit Requested Validated?DS DNSKEY
Verisign YES YES YES YESGoogle YES YES YES YESDNSWatch YES YES YES YESDNS Advantage YES YES YES YESNorton ConnectSafe YES YES YES YESLevel3 YES NO NO NOComodo Secure DNS YES NO NO NOSafeDNS YES NO NO NODyn YES NO NO NOGreenTeamDNS* YES/NO YES YES NOOpenDNS NO NO NO NOOpenNIC NO NO NO NOFreeDNS NO NO NO NOAlternate DNS NO NO NO NOYandex DNS NO NO NO NO